pptx
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Utility scripts such as `thumbnail.py`, `pack.py`, and `redlining.py` execute system binaries including `soffice`, `pdftoppm`, and `git` via `subprocess.run`.
  - Parameterized calls are used to avoid shell injection vulnerabilities.
  - Executions are limited to slide rendering, document conversion, and content comparison.
- [EXTERNAL_DOWNLOADS]: Node.js dependencies for slide rendering and image processing (`playwright`, `pptxgenjs`, `sharp`) are specified in the standard `package.json` file for retrieval from the npm registry.
- [SAFE]: The skill incorporates multiple defensive coding measures.
  - The use of `defusedxml` across packing and unpacking utilities protects against XXE attacks during Office document manipulation.
  - Custom JSON validation logic prevents duplicate key collisions during content replacement.
  - File path resolution is handled securely using the `pathlib` and `Path` libraries.
Audit Metadata